General

  • Target

    Discord.AIO(1).rar

  • Size

    5.5MB

  • MD5

    3d588221b2c9781893e7b1ab01dc3fca

  • SHA1

    b5b04487b86a3cb53acff6bb28987567460203bf

  • SHA256

    0e4eb858a365905513d5a052b94a350f257a968cbb2c33245e18df8f7e36d9e1

  • SHA512

    a44d7cb00117c82dcbd797c5c3baabafda957174200cc0a914ff6bd80078816133be874dd12b6c11c6cb7312d1590f015b4231714b0cbd411b8e923ef97f18d1

  • SSDEEP

    98304:ln8/RJ25ew2yquO6/6mC1POC/vKfu+QQLUqnsjJcTIRUKKnI6tw0/lO8jraVv2pe:lnGIj2juO6/671POeEuNQQGcJcSK520K

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as real-time monitoring, block at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Discord.AIO(1).rar
    .rar

    Password: says

  • Discord.AIO(1).exe
    .exe windows:4 windows x86 arch:x86

    Password: says

    f34d5f2d4577ed6d9ceec516c1f5a744

